I am using jQuery and prototype libarary fro this project.

I have this code so far:

HTML:

<div id="cnt"></div> <input type ="text" id="bla" name="tct"/>
Javascript:

if(e.keycode == 13){
    var text = document.getElementById('#bla');
    text= $('#bla').val();
    //text.evaljson();
    //I put a comment because it gives me error "badly formed json string"
    $('#cnt').append(text); 
   }

When I place some code like <script> alert('hello world');</script> it gets executed.

How can I remove it?

your example giving me error of csrf. here is tht error
Forbidden (403)
CSRF verification failed. Request aborted.
More information is available with DEBUG=True.

Member Avatar

diafol

Sounds llke an issue with form submission. You sure it.s to do with this?

i run his example and i putvalue in textbox and hit entere then there come that error. u can check urself

Member Avatar

diafol

Take off the form tags and

$('#bla').on('change', function () {
    var text = $('#bla').val();
    $('#cnt').append(document.createTextNode(text));
});